Blog Archives

Last weekend, I decided to bite the bullet and update a Win10-1803 Pro machine to Win10-1809, using Windows Update. I’d taken a system image backup, and as it wasn’t my production machine, I wasn’t too worried.

This machine is under a year old, a purchase necessary when a hardware failure put paid to my trusty Win7 Pro laptop. It allows me to work more than I can manage at my desktop, and does most of the hard yards online, especially here.

Windows Update installed 1809 x64 2019-10B – this was before Woody changed MS-Defcon from 4 to 2. It took 20 minutes to Prepare to Install, and nearly 2 hours to download, and several hours to install.

Needless to say, it didn’t go to plan… The first indication of a problem was after several hours of installing, when a blue screen appeared bearing the words “Stopcode” and “Bad Pool Header”. It restarted, still on 1803, pending install. It continued installing. Eventually it restarted, and I was able to see KB 4521862 and KB 4519338 had installed – along with a bunch of drivers being updated, when the Pro settings were not to download drivers from Windows. I also noticed I hadn’t had to reset the Metered Connection settings to allow the update to download!

After it finished its update, it wasn’t working properly. It looked fairly normal, but restarting started problems – none of the visible desktop items actually worked – not the Start button, any of the TaskBar icons, or anything other than the Ctrl>Alt>Del routine.

I tried Sign Out. It took ages. It caused a loop of: Hi; We’re getting everything ready for you; This might take several minutes – don’t turn off your PC (that part remained until it got to Hi again); Leave everything to us; Windows stays up to date to help protect you in an online world; Making sure your apps are good to go; It’s taking a bit longer than expected, but we’ll get there as fast as we can. This loop took 5 minutes to restart, again, and again, and again.

It had been over 12 hours since the process started at this point. As I had to do my day job, I just left it chugging away in the background while I got on with earning an income. Over 5 hours later, it finally came up for air – a desktop, but still not functioning.

Along the way, I saw various errors:
Error 0x80072EE7
The gpsvc service failed the sign-in – access is denied
windows\system32\config\systemprofile\desktop is unavailable

To add to my woes, it wanted to restart itself again, where it re-entered the 5+ hour loop. I still had work to get done, so I just let it be. No stopcodes this time, but still it didn’t work.

I couldn’t access safe mode, even with Recovery Tool USB access. Start Up Repair “couldn’t fix [the] PC”. Using the Recovery Tool, I was able to access the Command Prompt, where SFC /SCANNOW reported “Not enough memory resources are available to process this command” the first time, and then, after it went through 100%, “Windows Resource Protection could not perform the requested operation”. Attempting to use Restore Points was another failure – they were listed, but “unavailable”.

At this time, I decided it was time to try to restore the system image. Again, the gpsvc error. Apparently there had been some issue prior to the update attempt? I had to put it aside for a few days, until I got time to address it properly. By this stage, I was heading for an ISO file on a USB stick. This laptop now needs to be reset from the ground up, going back over all the metered connection, deferred updates, Customer Experience, Start Menu apps settings etc. etc. etc. – and I’m sure there’ll be something important I forget!

Having got the ISO installed, I was able to run SFC / SCANNOW and DISM /Online /Cleanup-Image /RestoreHealth. All 100% clear, thank goodness.

There are only 5-6 programs to reinstall. If this had been a production machine, I’d have dozens of programs to have to reinstall. It’s still going to take another day or two until I get it back to normal, as I have other things I need to prioritize. If I’m a bit cranky this weekend, you now know why!

I’m really lucky I have a wealth of knowledge, support and expertise here at my disposal. A normal home user would have ended up paying for professional technical support, and if it had been my production machine, would have resulted in a loss of chargeable hours. I’m counting my blessings!

Computers hear when you talk about replacing them and suddenly start doing weird things.

When you are doing a migration process, do not install updates.

…so Saturday night at 3 a.m. the server that housed our old (and still active) domain controller went offline. The time of 3 a.m. is notable as it’s the historical and traditional time that updates are installed in my office. This server is a virtual machine and was housed along with a few others on an older HyperV server that I’m getting ready to retire. In a small environment I normally don’t join the HyperV (virtual server) to the domain, but had in this case in order to do a live migration from the old server to the new server. I was going to leave this one domain controller behind once I migrated off of it on the old server since I was planning to retire it, along with the HyperV. My guess is that because I had joined it to the domain it inadvertantly caught the update policies from the domain and installed updates that I hadn’t intended and it rebooted. Note that I can’t prove this, but I just know what I did to the server and how it went offline at 3 a.m on Saturday morning, which is the exact time that updates are normally installed in my office.

Now comes the fun part. When I went to the office to see why it wasn’t online, it was at a boot prompt waiting for a bitlocker key for the C drive.

Now here’s the thing, when I built this server five years ago I wasn’t comfortable with bitlockering the boot drive so I didn’t do it. I bitlockered (drive encryption) the Data drive on D, but NOT the C drive. And I’m positive I didn’t because I blogged at the time (five years ago) that I wasn’t comfortable with encrypting the boot drive. I had the print out of the bitlocker key for the D drive, but NOT the C drive as I never bitlockered the C drive. I went back in fact and found my blog post where I talked about not bitlockering the C drive.

And the bitlocker key wasn’t hooked to a Microsoft account like my Surface devices, nor was it in AzureAD as again, I never entered it on the C drive. So the two places that you can go to to see if your bitlocker key is there, I know it wouldn’t BE there.

Needless to say I didn’t have a recovery key when I never gave it one. Just for grins I tried the recovery key of the D drive (you can see that above) and it said it was incorrect. Yeah, no kidding! So while I then got out my backup of that server and started the process of restoring it to the new HyperV server, I decided to also reinstall the host OS knowing that once I got into the server I could then reset up the HyperV server that was safely on the D drive untouched. It was an exercise to see which method would be faster and rebuilding the boot drive was faster than the restoration process.

So what update might have triggered this? I honestly don’t know. I know that when I patched this hyperV server based on 2012 R2 I only installed recommended updates not optional ones. I never installed a later .net. Given that I had hooked it to the domain, my guess is, and I can see in my WSUS policies that it had picked up additional patch approvals while on the domain and accidentally installed them. Shame on me I know better than this and while doing migrations I should have turned the windows update service to disabled.

It’s a reminder to me that encryption is wonderful, until it’s not. It’s a reminder to ensure you have an alternative way to get to the web because your normal method may be impacted. It’s a reminder to remember you have backups and to have paper documentation of passwords and information in case you can’t get into the digital copies. It’s a reminder to download a copy of Windows media and have flash drives and external usb hard drives as supplies ready at a moments notice.

….. and finally, it’s a reminder to not talk about new servers and migration plans while the old server is listening. Clearly I hurt it’s feelings.

If a PC is running slow despite having reasonably current and otherwise-healthy hardware, then too-little RAM is for sure a prime suspect… start by loading up on RAM: It’s usually the cheapest, fastest, easiest way to improve performance.

Plus Membership

Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.

AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.